3.4 Lessons Learned
As a programmer:
Always define proper error conditions.
Always validate return values correctly.
Not all kernel NULL pointer dereferences are simple denial-of-service conditions. Some of them are really bad vulnerabilities that can lead to arbitrary code execution.
As a system administrator:
Don’t blindly trust zones, compartments, fine-grained access controls, or virtualization. If there is a bug in the kernel, there’s a good chance that every security feature can be bypassed or evaded. And that’s true not only for Solaris Zones.
Get A Bug Hunter's Diary now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.